In just under a week, SIM card maker Gemalto claims to have done a complete security audit of their systems in 85 different countries and reports that "its office networks were compromised, the servers holding the SIM card encryption keys weren't." This is a record worthy of Guinness, as most security audits take months or years to complete and the findings tend to discuss probabilities, not absolute certainties. As you might expect, The Register and security experts everywhere are doubtful of the claim, coming from a company that did not even know if it was compromised less than a week ago, that the UK-based GCHQ and USA-based NSA are unable to compromise your SIM card's encryption when they have the keys in hand. It has not been a good week for anyone who thinks about security.

"Six days ago Gemalto, the world's largest SIM card manufacturer, was told that back in 2010 it had been ransacked by NSA and GCHQ hackers. Today the company gave itself the all-clear: no encryption keys, used to secure phone calls from eavesdroppers, were stolen, it claims."

Bitcasa recently announced that, as of November 15, 2014, the company is discontinuing its "Infinite Drive" and will no longer be offering unlimited cloud storage space. The company made its debut at the start of last year with an infinite storage product (Amazon S3 backend with custom applications and client side AES-256 convergent encryption). Since then, the company has grown to store more than 40 Petabytes of user data. Unfortunately, the unlimited storage space model was not sustainable despite heavily increased pricing several months ago.

According to Bitcasa, less than 0.5% of users stored more than 1TB while 0.1% of users used more than 10TB. The alleged lack of demand coupled with violations of the company's Acceptable Use Policy were the final nails in the infinite storage coffin.

There is a bright side to the announcement, however. Bitcasa has re-engineered the storage backend and is promising faster uploading, downloading, and streaming (over the web interface) of files. Users wishing to stick with Bitcasa will need to transfer files over to the new storage system by the November 15, 2014 deadline. After the deadline, all files that have not been transferred or downloaded will be deleted permanently.

Bitcasa has put together a FAQ that explains the situation and how it will affect each of the account tiers on their website.

Essentially, Bitcasa is shuttering the infinite storage tier completely. Users storing 10TB or less will be allowed to move to the Premium or Pro tiers. The Premium tier remains the same as the old plan at $10 per month for 1TB of storage. The Pro tier has been changed from 5TB for $49 per month to 10TB for $99 per month. Users storing over 10TB will need to reduce their stored files to fit within at most 10TB of space. Of course, users are not required to stay and are free to download their files and move to an alternative service. Finally, the free storage tier has been cut from 10GB to 5GB going forward.

Any existing accounts (so long as they are within the lower storage allotments) will be grandfathered in (including pricing on paid tiers) and any "extra" storage space gathered from referrals will remain in effect.

| Storage Tier | New Plans: Storage Space | New Plans: Pricing | Old Plans: Storage Space | Old Plans: Pricing |
|---|---|---|---|---|
| Free | 5GB | $0/month | 10GB | $0/month |
| Premium | 1TB | $10/month ($99/year) | 1TB | $10/month ($99/year) |
| Pro | 10TB | $99/month ($999/year) | 5TB | $49/month |
| Infinite | n/a | No longer offered | Unlimited | $99/month ($999/year) |

There are some snags in the transfer process to be aware of though. Past version history on files will not be preserved post transfer and any mirrored folders will have to be recreated. It is possible to move the mirrored folders after the transfer if you do not have access to the original PC(s), but you will have to recreate the mirrors using the applications when you want to keep them in sync again.

Also, Bitcasa notes that iTunes payments for Bitcasa storage will no longer be accepted and Facebook and Twitter logins will not be allowed (you will create a new login during the transfer process). Finally, streaming to Plex is not currently working with the new storage system, but a fix is being worked on.

Upon receiving the email from Bitcasa yesterday, I logged in and completed the transfer. The process took about five minutes (including downloading my mirrored folders I no longer had access to on my home PC). My free account is grandfathered into the 10GB limit. When the service first came out, I tried it out for a while and it was decent. At one point I even considered moving to the paid infinite tier, but at the new prices the amount of storage is no longer economical for personal use (>1TB). It is notable that Microsoft started offering unlimited (used to be 1TB) storage to Office 365 subscribers this week, and I wonder how long that will last and if they will run into many of the same problems Bitcasa did.

What do you think about this announcement? Will unlimited storage always be too good to be true (i.e., an unsustainable business model)?

Dropbox has faced many questions about the privacy of the data held on their service after modified links were shown to successfully connect to private portions of accounts as well as their ability to hand over all your content in readable form to authorities. While for many the lack of encryption is not much of a concern, businesses cannot afford to be so lax with potentially valuable client data stored on Dropbox. This use of Dropbox by businesses is far more common than you may think and may expand with the announcement of Dropbox for Business and the expanded services available for this new service.

For those with security concerns about storing unencrypted data on Dropbox it would seem that the recommendation is to use third party client side encryption software. That does mean that the new search features will not work as Dropbox will be unable to index files as they pointed out to The Inquirer and other media. Dropbox does have a decent reputation for protecting the data they store but for those intending to store proprietary data on the cloud the balance between ease of use and privacy should be considered before moving to any cloud storage provider.

"DROPBOX HAS DEFENDED its record on privacy following allegations by NSA whistleblower Edward Snowden that it is "hostile to privacy"."

Intel has not offered many products which take advantage of their takeover of McAfee, now known as Intel Security, but today's release of the Intel SSD Pro 2500 Series changes that. This family of SSDs will work with McAfee ePolicy Orchestrator to allow the automatic implementation of hardware-based 256-bit encryption on these drives in a similar manner to what Endpoint Encryption has done in the past. Since the encryption is done in the drive hardware, Intel claims the on-the-fly encryption has no impact on speed. If you use Intel Setup and Configuration Software with vPro you can even monitor the health of deployed drives. Check out Intel's page here and the PR below.

SANTA CLARA, Calif., July 22, 2014 – Intel Corporation today announced an addition to the Intel® Solid-State Drive (SSD) Professional Family: the Intel® SSD Pro 2500 Series. This new business-class SSD delivers lower total cost of ownership, security and manageability features, and blazing-fast SSD performance demanded by today’s business users.

Intel SSD Pro 2500 Series offers IT departments peace of mind with advanced security features and capabilities designed for businesses ranging from small companies through large IT-managed enterprises. Security and remote manageability features, combined with lower annual failure rates than hard disk drives (HDDs), help to reduce the need for resource-intensive deskside visits.

Managing data security is critical for businesses and a challenge for IT leaders. Data breaches, often a result of lost or stolen PCs, can cost a business nearly $50,000 in lost productivity, replacement, data recovery and legal costs.1 To help businesses mitigate the threat of such costly breaches, the Intel Pro 2500 Series SSDs are self-encrypting drives (SED) utilizing hardware-based 256-bit encryption to protect data without a loss of performance. Additionally, the new Intel drives feature the Trusted Computing Group’s OPAL 2.0* standard and are Microsoft eDrive* capable. These policy-based controls help to prevent data breaches and support crypto erase to repurpose the drive for reuse.

“The need to protect assets, keep an eye on the bottom line and ensure employees have the best tools is a challenge for IT departments,” said Rob Crooke, Intel corporate vice president and general manager of the Non-Volatile Memory Solutions Group. “The Intel SSD Pro 2500 Series is a well-rounded solution to help balance those often competing needs. Adding the Pro 2500 Series to the Intel SSD Professional Family delivers a powerful storage solution to help businesses of all sizes meet their critical IT needs.”

“The Intel SSD Pro 2500 Series is the second-generation OPAL-based client storage solution that helps IT departments protect their users’ data and also provides valuable features to reduce operational costs,” stated Candace Worley, senior vice president and general manager, Endpoint Security, McAfee*, part of Intel Security. “The Pro 2500 Series is a perfect companion to our data protection solutions, managed by McAfee ePolicy Orchestrator*, all working in concert to provide IT departments with data security, management and control, wherever their endpoints may be.”

In an environment with Intel® vPro™ Technology, with Intel® Setup and Configuration Software and leading security software, the Pro 2500 Series drives can be managed remotely allowing IT to monitor and report drive health as well as track assets and remedy faults. This remote manageability enforces IT policies to help prevent mishaps and simultaneously provides a great user experience. Embedded and Internet of Things applications can also take advantage of the remote manageability features to help limit the number of IT professionals needed to oversee devices. To assist in protecting user data and lower the total cost of ownership, applications such as ATMs and remote digital signage can be updated, monitored and managed remotely.

“Corporations of every size are facing the growing challenge of protecting sensitive data and ensuring compliance with a litany of data protection laws and regulations,” said Bill Solms, president and CEO of Wave Systems*. “The Intel SSD Pro 2500 Series offers a sound foundation for any data security program, incorporating hardware-level encryption without impacting drive performance. Wave’s on-premise and cloud-based management software complements the Intel SSD Pro 2500 by offering remote drive provisioning, automated password recovery and secure audit logs to document that encryption was in place should a laptop become lost or stolen.”

The Intel SSD Professional Family is part of the Intel® Stable Image Platform Program, including a 15-month availability of the components and drivers for compatibility and stability across a qualified IT image. This helps minimize IT qualification and deployment times. The Intel SSD Pro 2500 Series also features five advance power modes helping to balance performance and power to enable a longer battery life and provide a better mobile experience.

The Intel SSD Pro 2500 Series will be available in both 2.5-inch and M.2 form factors and in capacities ranging from 120GB to 480GB. The Intel SSD Pro 2500 Series is backed by a 5-year limited warranty and features a world-class annualized failure rate (AFR) well below 1 percent. The AFRs of other SSDs and HDDs can reach as high as 5 percent or more in mobile environments.

The revelation that SIM cards rely on an outdated encryption method makes it surprising that an exploit was not revealed long before now, but one has been discovered and will be featured at this year's Black Hat security conference. The proof of concept sends an improperly signed binary SMS to a device over the air; the device returns an error that contains the entire cryptographic signature for the SIM that received the signal, and from there it is rather simple to crack the 56-bit DES with modern hardware. Once you have the key you can send out a variety of commands to the device, up to and including an OS update with certain customizations. Follow the links from The Inquirer for more information.

"A SIM CARD EXPLOIT that could leave millions of mobile phones vulnerable to hacking has been uncovered by German security firm Security Research Labs (SRL)."
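An added illustration, not code from SRL, The Inquirer or this post, of why the signed error reply described above is the weak point and what the fix looks like: a handler that signs its rejection hands any sender a message/signature pair to test keys against offline, while one that rejects silently gives nothing to test. The function names are hypothetical, truncated HMAC-SHA256 stands in for the card's DES signature, and the key is a constructed 16-bit toy so the search finishes instantly.

```python
import hashlib
import hmac

KEY_BITS = 16  # toy key space (assumption) so the search is instant; DES has 56 bits


def mac(key: int, data: bytes) -> bytes:
    """Stand-in for the card's DES signature: truncated HMAC-SHA256 (assumption)."""
    return hmac.new(key.to_bytes(2, "big"), data, hashlib.sha256).digest()[:8]


def vulnerable_card(key: int, command: bytes, signature: bytes):
    """Signs every reply, including the error sent to an unauthenticated sender."""
    if hmac.compare_digest(mac(key, command), signature):
        return b"OK", mac(key, b"OK")
    error = b"ERR bad signature"
    return error, mac(key, error)  # leaks a (message, tag) pair under the secret key


def hardened_card(key: int, command: bytes, signature: bytes):
    """Returns nothing key-dependent unless the sender proved knowledge of the key."""
    if hmac.compare_digest(mac(key, command), signature):
        return b"OK", mac(key, b"OK")
    return b"", b""  # rejected silently: no signed error to analyse offline


def keys_matching(reply: bytes, tag: bytes):
    """Offline check of every candidate key against one observed reply."""
    if not tag:
        return None  # nothing to test candidates against
    return [k for k in range(2 ** KEY_BITS) if mac(k, reply) == tag]


if __name__ == "__main__":
    secret = 0xBEEF  # constructed sample key
    forged = (b"install applet", b"\x00" * 8)  # constructed, wrongly signed command
    print("vulnerable:", keys_matching(*vulnerable_card(secret, *forged)))
    print("hardened:  ", keys_matching(*hardened_card(secret, *forged)))
```

The search cost doubles with every key bit, which is why a longer key and an unsigned (or absent) error reply are both needed.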

The interface is pretty ugly but the Addonics CipherUSB is incredibly easy to use and is effective at folder level and disk level encryption. With the dongle on your machine you can encrypt internal and external disks, which can then only be accessed when a similarly set up dongle is present, along with a password if you selected the option to require one. It uses AES256 ECB or CBC encryption, the standard when it comes to encryption, and setup and usage are incredibly easy, though there are a few minor flaws on the CipherUSB. Head over to Techgage for the review and a great overview of encryption in general.

"As important as data encryption can be for the home user, it’s even more imperative in the enterprise. The problem? The most effective measures are usually cast aside in lieu of something a little easier to deal with. With the CipherUSB, Addonics hopes to bring “simple” and “most effective” together as one. Does it succeed?"

Jitsi seems to be a lot of things, from an IM Client agglomerator such as Pidgin or Digsby, a combined XMPP and SIP VoIP client to a videoconferencing hub with all traffic encrypted using ZRTP. This Open Source software also claims integration with Microsoft Outlook and Apple Address Book, putting it in competition with Skype on more than one front. Unfortunately it will not connect to all online SIP or XMPP providers, but Jitsi does offer an open XMPP bridge to host video calls and, as it is open source, there is no reason you could not construct your own. With the release of version 2.0 a host of new features and improvements have been added which you can read about by following the links at Slashdot. They have also partnered with the FMJ Project to allow recording of sessions as well as other possible customization thanks to the developers' Wiki.

"Among the most prominent new features people will find quality multi-party video conferences for XMPP, audio device hot-plugging, support for Outlook presence and calls, an overhauled user interface and support for the Opus and VP8 audio/video codec. Jitsi has lately shaped into one of the more viable open Skype Alternatives with features such as end-to-end ZRTP encryption for audio and video calls. The 2.0 version has been in the works for almost a year now, so this is an important step for the project."

Google recently announced on their Inside Search blog that the company would be rolling out the default SSL encrypted search option for users signed in with a Google account internationally. Previously, the company made SSL encryption the default setting for Gmail and provided an alternative encrypted.google.com webpage for users that wanted to opt in to encrypted search. Earlier this year, they began testing SSL encrypted search and search results pages for users signed into Google in the US, and they are now ready to expand the default setting to international users.

They announced that over the next few weeks, they will begin introducing an SSL (Secure Sockets Layer) encrypted search page for localized international Google pages such as google.co.uk (United Kingdom) and google.fr (France) among others. Further, they hope that their increased SSL commitment will encourage other websites to enable SSL on their domains to protect users from MITM (man in the middle) attacks and to ensure their sessions stay private.

More encryption is a good thing, and international users will be pleased to finally get a taste of it for their Google search queries, especially now that the big G has enabled personalized search results.

If you haven't heard of the FIPS 140 Publication Series, it is the Federal Information Processing Standard which accredits encrypted flash drives to one of four levels, with 1 being relatively secure and 4 representing encryption that is almost able to defend itself from penetration. Adding that level of security can slow things down, which is why Legit Reviews bought a few drives off of NewEgg to test.

"On paper it looks like the IronKey solutions should be faster, but you can't believe everything a company tells you when they are marketing a product they are trying to sell you. Since security is such a big deal to corporations these days we decided to order in these Flash drives and do some testing of our own. We've heard rumors and have experienced ourselves that review sites often get 'cherry picked' samples, so we ordered in as many drives as our $1000 self-prescribed budget would allow. You can look at our receipts from Amazon.com, TigerDirect.com and PConnection if you'd like..."